[j-nsp] junos vulnerability

Levent Ogut (posts) lom at doruk.net.tr
Wed Jan 26 14:35:29 EST 2005


Bugun vulnerability gunu, dunyanin heryerinde kutlayalim





Title Security Vulnerability in JUNOS Software

Products Affected All M-series and T-series routing platforms

Platforms Affected
�� Security
�� JUNOS 7.x
�� JUNOS 5.x
�� JUNOS 6.x
�� JUNOS 3.x
�� JUNOS 4.x

Revision Number 1

Issue Date 2005-01-26

PSN Issue : Juniper Networks has identified a serious security  
vulnerability
within our JUNOS Software. This vulnerability could be exploited either by  
a
directly-attached neighboring device or by a remote attacker that can
deliver certain packets to the router. Routers running vulnerable JUNOS
software are susceptible regardless of the router's configuration. It is  
not
possible to use firewall filters to protect vulnerable routers. This
vulnerability is specific to Juniper Networks routers running JUNOS  
software
releases built prior to January 7, 2005. Routers that do not run JUNOS
software are not susceptible to this vulnerability. Juniper Networks is not
aware of any actual or attempted exploit of this vulnerability.

Solution: JUNOS software has been modified to address this vulnerability.
All versions of JUNOS software built on or after January 22, 2005 contain
the modified code. Software built between January 7 and January 22 may
contain the modified code, depending on the specific JUNOS release.
Solution Implementation: All customers are strongly encouraged to upgrade
their software to a release that contains the modified code. Pointers to
software releases that contain the corrected code can be found in the
Related Links section below. Customers can also contact the Juniper  
Networks
Technical Assistance Center for download information.

RelatedLinks
�� Software Download Links

Attributes
Audience Customer Service

Alert Type Product Support Notification

Risk Level High

Risk Assessment
Both directly-attached and remote attackers can severely disrupt normal
operation of the routing
platform.

Created Date 2005-01-26 05:13:46.0

Last Modified
Date
2005-01-26 05:13:46.0
<< Back
[Search Tips]
Page 1 of 1 Juniper Networks, Inc. - JTAC Technical Bulletins View
27-Jan-05
http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2005-01-...



More information about the juniper-nsp mailing list